7.5. Configure JBoss EAP 6 to Use a Custom Implementation of the Password Vault

Procedure 7.3. Use a Custom Implementation of the Password Vault

1. Create a class that implements the interface SecurityVault.
2. Create a module containing the class from the previous step, and specify a dependency on org.picketbox where the interface is SecurityVault.
3. Enable the custom Password Vault in the JBoss EAP server configuration by adding the vault element with the following attributes:

   code

   The fully qualified name of class that implements SecurityVault.

   module

   The name of the module that contains the custom class.

   Optionally, you can use vault-options parameters to initialize the custom class for a Password Vault. For example:

   /core-service=vault:add(code="custom.vault.implementation.CustomSecurityVault", module="custom.vault.module", vault-options=[("KEYSTORE_URL" => "PATH_TO_KEYSTORE"), ("KEYSTORE_PASSWORD" => "MASKED_PASSWORD"), ("KEYSTORE_ALIAS" => "ALIAS"), ("SALT" => "SALT"),("ITERATION_COUNT" => "ITERATION_COUNT"), ("ENC_FILE_DIR" => "ENC_FILE_DIR")])